reportcustomizationfortigate

Customization of FortiWeb "Web Vulnerability Scan" reports


Does anyone ever use "Web Vulnerability Scan" in FortiWeb? Generated repoerts looks pretty poor ("user friedly" about 0%). How I can customize it? For example: one of the reports has about 8000 pages and it's not good at all (test report with test web-server). It is include full html http-response, but sometimes (in some vulnerabilities or suspected vulnerabilities) i don't need it at all. Can anyone help with it? Maybe in future versions of FortiWeb reports customiztion will be improved...

I can't do anything except write a some script that will be parse report and delete extra data, but this doesn't seem like a good solution


Solution

  • As it turned out this report is mainly intended to be used to feed the custom Web Protection Profile that are based on vulnerability scan report, that's why they are not so user friendly. So the best solution - use another scanner.